brash:Just to ease my mind, please have a look at the AMS/submit.php to see if there's anything wrong or missing here:
<?php
// $Id: submit.php,v 1.13 2004/05/29 15:10:18 mithyt2 Exp $
// ------------------------------------------------------------------------ //
// XOOPS - PHP Content Management System //
// Copyright (c) 2000 XOOPS.org //
// <https://xoops.org/> //
// ------------------------------------------------------------------------ //
// This program is free software; you can redistribute it and/or modify //
// it under the terms of the GNU General Public License as published by //
// the Free Software Foundation; either version 2 of the License, or //
// (at your option) any later version. //
// //
// You may not change or alter any portion of this comment or credits //
// of supporting developers from this source code or any supporting //
// source code which is considered copyrighted (c) material of the //
// original comment or credit authors. //
// //
// This program is distributed in the hope that it will be useful, //
// but WITHOUT ANY WARRANTY; without even the implied warranty of //
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the //
// GNU General Public License for more details. //
// //
// You should have received a copy of the GNU General Public License //
// along with this program; if not, write to the Free Software //
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA //
// ------------------------------------------------------------------------ //
include_once '../../mainfile.php';
include_once 'class/class.newsstory.php';
include_once 'class/class.newstopic.php';
include_once 'class/class.sfiles.php';
include_once XOOPS_ROOT_PATH.'/class/uploader.php';
include_once XOOPS_ROOT_PATH.'/header.php';
if (file_exists(XOOPS_ROOT_PATH.'/modules/'.$xoopsModule->getVar('dirname').'/language/'.$xoopsConfig['language'].'/admin.php')) {
include_once 'language/'.$xoopsConfig['language'].'/admin.php';
}
else {
include_once 'language/english/admin.php';
}
$module_id = $xoopsModule->getVar('mid');
$groups = $xoopsUser ? $xoopsUser->getGroups() : XOOPS_GROUP_ANONYMOUS;
$gperm_handler =& xoops_gethandler('groupperm');
$perm_itemid = isset($_POST['topic_id']) ? intval($_POST['topic_id']) : 0;
//If no access
if (!$gperm_handler->checkRight("ams_submit", $perm_itemid, $groups, $module_id)) {
redirect_header('index.php', 3, _NOPERM);
}
$op = 'form';
foreach ( $_POST as $k => $v ) {
${$k} = $v;
}
//If approve privileges
$approveprivilege = 0;
if ($xoopsUser && $gperm_handler->checkRight("ams_approve", $perm_itemid, $groups, $module_id)) {
$approveprivilege = 1;
}
if ( isset($_POST['preview'] )) {
$op = 'preview';
} elseif ( isset($_POST['post']) ) {
$op = 'post';
}
elseif ( isset($_GET['op']) && isset($_GET['storyid'])) {
if ($approveprivilege && $_GET['op'] == 'edit') {
$op = 'edit';
}
elseif ($approveprivilege && $_GET['op'] == 'delete') {
$op = 'delete';
}
else {
redirect_header("index.php", 0, _NOPERM);
exit();
}
$storyid = intval($_GET['storyid']);
}
switch ($op) {
case "delete":
if ( !empty( $ok ) )
{
if ( empty( $storyid ) )
{
redirect_header( 'index.php?op=newarticle', 2, _AMS_AM_EMPTYNODELETE );
exit();
}
$story = new AmsStory( $storyid );
$story -> delete();
$sfiles = new sFiles();
$filesarr=Array();
$filesarr=$sfiles->getAllbyStory($storyid);
if(count($filesarr)>0)
{
foreach ($filesarr as $onefile)
{
$onefile->delete();
}
}
xoops_comment_delete( $xoopsModule -> getVar( 'mid' ), $storyid );
xoops_notification_deletebyitem( $xoopsModule -> getVar( 'mid' ), 'story', $storyid );
redirect_header( 'index.php?op=newarticle', 1, _AMS_AM_DBUPDATED );
exit();
}
else
{
xoops_cp_header();
echo "<h4>" . _AMS_AM_CONFIG . "</h4>";
xoops_confirm( array( 'op' => 'delete', 'storyid' => $storyid, 'ok' => 1 ), 'submit.php', _AMS_AM_RUSUREDEL );
}
break;
case 'edit':
if (!$approveprivilege) {
redirect_header('index.php', 0, _NOPERM);
break;
}
echo"<table width='100%' border='0' cellspacing='1' class='outer'><tr><td class="odd">";
echo "<h4>" . _AMS_AM_EDITARTICLE . "</h4>";
$story = new AmsStory( $storyid );
$title = $story -> title( "Edit" );
$hometext = $story -> hometext( "Edit" );
$bodytext = $story -> bodytext( "Edit" );
$nohtml = $story -> nohtml();
$nosmiley = $story -> nosmiley();
$ihome = $story -> ihome();
$notifypub = 0;
$topicid = $story -> topicid();
$approve = 0;
$published = $story->published();
$banner = $story->banner;
if (isset($published) && $published > 0) {
$approve = 1;
}
if ( $story -> published() != 0)
{
$published = $story -> published();
}
if ( $story -> expired() != 0)
{
$expired = $story -> expired();
}
else {
$expired = 0;
}
$edit = true;
$type = $story -> type();
$topicdisplay = $story -> topicdisplay();
$topicalign = $story -> topicalign( false );
$isedit = 1;
$audience = $story -> audienceid;
include "include/storyform.inc.php";
echo"</td></tr></table>";
break;
case "preview":
$xt = new AmsTopic($xoopsDB->prefix("ams_topics"), $_POST['topic_id']);
$text = explode("[extend]", $hometext);
$hometext = $text[0];
$bodytext = isset($text[1]) ? $text[1] : "";
if ( isset( $storyid ) ) {
$story = new AmsStory( $storyid );
$published = $story -> published();
$expired = $story -> expired();
$edit = true;
}
else {
$story = new AmsStory();
$published = 0;
$expired = 0;
$edit = false;
}
$topicid = $topic_id;
$story->setTitle($title);
$story->setHometext($hometext);
$story->banner = isset($_POST['banner']) ? $_POST['banner'] : 0;
if ($approveprivilege) {
$story->setTopicdisplay($topicdisplay);
$story->setTopicalign($topicalign);
$story->setBodytext($bodytext);
$story->audienceid = $_POST['audience'];
}
else {
$noname = isset($noname) ? intval($noname) : 0;
}
$notifypub = isset($notifypub) ? intval($notifypub) : 0;
if ( isset( $nosmiley ) && ( $nosmiley == 0 || $nosmiley == 1 ) ) {
$story -> setNosmiley( $nosmiley );
}
else {
$nosmiley = 0;
}
if ($approveprivilege) {
$nohtml = isset($nohtml) ? intval($nohtml) : 0;
$story->setNohtml($nohtml);
if (!isset($approve)) {
$approve = 0;
}
} else {
$story->setNohtml = 1;
}
$title = $story->title("InForm");
$hometext = $story->hometext("InForm");
if ($approveprivilege) {
$bodytext = $story->bodytext("InForm");
$ihome = $story -> ihome();
}
//Display post preview
$p_title = $story->title("Preview");
$p_hometext = $story->hometext("Preview");
$p_hometext .= $story->bodytext("Preview");
if (isset($change)) {
$edit = true;
}
$topversion = ($story->revision == 0 && $story->revisionminor == 0) ? 1 : 0;
$topicalign = isset($story->topicalign) ? 'align="'.$story->topicalign().'"' : "";
$p_hometext = (($xt->topic_imgurl() != '') && $topicdisplay) ? '<img src="images/topics/'.$xt->topic_imgurl().'" '.$topicalign.' alt="" />'.$p_hometext : $p_hometext;
themecenterposts($p_title, $p_hometext);
$audience = $story->audienceid;
//Display post edit form
include 'include/storyform.inc.php';
break;
case "post":
$text = explode("[extend]", $hometext);
$hometext = $text[0];
$bodytext = isset($text[1]) ? $text[1] : "";
$nohtml_db = 1;
if ( is_object($xoopsUser) ) {
$uid = $xoopsUser->getVar('uid');
if ( $approveprivilege ) {
$nohtml_db = empty($nohtml) ? 0 : 1;
}
} else {
$uid = 0;
}
if ( empty( $storyid ) ) {
$story = new AmsStory();
$story -> setUid( $uid );
}
else {
$story = new AmsStory( $storyid );
$story->setChange($change);
if ($newauthor && $approveprivilege) {
$story->setUid($uid);
}
}
$story->banner = isset($_POST['banner']) ? $_POST['banner'] : 0;
$story->setTitle($title);
$story->setHometext($hometext);
if ($bodytext) {
$story->setBodytext($bodytext);
}
else {
$story->setBodytext(' ');
}
$story->setTopicId($topic_id);
$story->setHostname(xoops_getenv('REMOTE_ADDR'));
$story->setNohtml($nohtml_db);
$nosmiley = isset($nosmiley) ? intval($nosmiley) : 0;
$notifypub = isset($notifypub) ? intval($notifypub) : 0;
$story->setNosmiley($nosmiley);
$story->setNotifyPub($notifypub);
$story->setType($type);
if ($approveprivilege) {
if ( !empty( $autodate )) {
$pubdate = strtotime($publish_date['date']) + $publish_date['time'];
$offset = $xoopsUser -> timezone() - $xoopsConfig['server_TZ'];
$pubdate = $pubdate - ( $offset * 3600 );
$story -> setPublished( $pubdate );
}
if ( !empty( $autoexpdate )) {
$expiry_date = strtotime($expiry_date['date']) + $expiry_date['time'];
$offset = $xoopsUser -> timezone() - $xoopsConfig['server_TZ'];
$expiry_date = $expiry_date - ( $offset * 3600 );
$story -> setExpired( $expiry_date );
}
$story->setTopicdisplay($topicdisplay);
$story->setTopicalign($topicalign);
$story->setIhome($ihome);
$approve = isset($approve) ? $approve : 0;
if (!$story->published()) {
$story->setPublished(time());
}
if (!$story->expired()) {
$story->setExpired(0);
}
if(!$approve) {
$story->setPublished(0);
}
$story->audienceid = intval($_POST['audience']);
}
elseif ( $xoopsModuleConfig['autoapprove'] == 1 && !$approveprivilege) {
$approve = 1;
$story->setPublished(time());
$story->setExpired(0);
$story->setTopicalign('R');
}
else {
$story->setPublished(0);
$approve = 0;
$story -> setExpired( 0 );
}
$story->setApproved($approve);
$result = $story->store();
if ($result) {
// Notification
$notification_handler =& xoops_gethandler('notification');
$tags = array();
$tags['STORY_NAME'] = $title;
$tags['STORY_URL'] = XOOPS_URL . '/modules/' . $xoopsModule->getVar('dirname') . '/article.php?storyid=' . $story->storyid();
if ( $approve == 1) {
$notification_handler->triggerEvent('global', 0, 'new_story', $tags);
} else {
$tags['WAITINGSTORIES_URL'] = XOOPS_URL . '/modules/' . $xoopsModule->getVar('dirname') . '/admin/index.php?op=newarticle';
$notification_handler->triggerEvent('global', 0, 'story_submit', $tags);
}
// If notify checkbox is set, add subscription for approve
if ($notifypub) {
include_once XOOPS_ROOT_PATH . '/include/notification_constants.php';
$notification_handler->subscribe('story', $story->storyid(), 'approve', XOOPS_NOTIFICATION_MODE_SENDONCETHENDELETE);
}
// Manage upload(s)
if(isset($_POST['delupload']) && count($_POST['delupload'])>0 )
{
foreach ($_POST['delupload'] as $onefile)
{
$sfiles = new sFiles($onefile);
$sfiles->delete();
}
}
if(isset($_POST['xoops_upload_file'])&& isset($_FILES[$_POST['xoops_upload_file'][0]]))
{
$fldname = $_FILES[$_POST['xoops_upload_file'][0]];
$fldname = (get_magic_quotes_gpc()) ? stripslashes($fldname['name']) : $fldname['name'];
if(trim($fldname!=''))
{
$sfiles = new sFiles();
$destname=$sfiles->createUploadName(XOOPS_UPLOAD_PATH,$fldname);
// Actually : Web pictures (png, gif, jpeg), zip, doc, xls, pdf, gtar, tar
$permittedtypes=array('image/gif', 'image/jpeg', 'image/pjpeg', 'image/x-png', 'image/png' ,'application/x-zip-compressed','application/msword', 'application/vnd.ms-excel', 'application/pdf', 'application/x-gtar', 'application/x-tar');
$uploader = new XoopsMediaUploader( XOOPS_UPLOAD_PATH, $permittedtypes, $xoopsModuleConfig['maxuploadsize']);
$uploader->setTargetFileName($destname);
if ($uploader->fetchMedia($_POST['xoops_upload_file'][0]))
{
if ($uploader->upload())
{
$sfiles->setFileRealName($uploader->getMediaName());
$sfiles->setStoryid($story->storyid());
$sfiles->setMimetype($sfiles->giveMimetype(XOOPS_UPLOAD_PATH.'/'.$uploader->getMediaName()));
$sfiles->setDownloadname($destname);
if(!$sfiles->store())
{
echo _AMS_AM_UPLOAD_DBERROR_SAVE;
}
}
else
{
echo _AMS_AM_UPLOAD_ERROR;
}
} else {
echo $uploader->getErrors();
}
}
}
}
else {
if ($story->versionConflict == true) {
include ('include/versionconflict.inc.php');
break;
}
else {
$message = $story->renderErrors();
}
}
if (!isset($message)) {
$message = _AMS_NW_THANKS;
}
redirect_header("index.php",2, $message);
break;
case _AMS_NW_OVERRIDE:
if (!$approveprivilege || !$xoopsUser) {
redirect_header('index.php', 3, _NOPERM);
}
$hiddens = array('bodytext' => $_POST['bodytext'],
'hometext' => $_POST['hometext'],
'storyid' => $_POST['storyid'],
'change' => $_POST['change'],
'op' => 'override_ok');
$story = new AmsStory($_POST['storyid']);
$story->setChange($_POST['change']);
$message = "";
$story->calculateVersion();
$message .= _AMS_NW_TRYINGTOSAVE." ".$story->version.".".$story->revision.".".$story->revisionminor." <br />";
$higher_versions = $story->getVersions(true);
if (count($higher_versions) > 0) {
$message .= sprintf(_AMS_NW_VERSIONSEXIST, count($higher_versions));
$message .= "<br />";
foreach ($higher_versions as $key => $version) {
$message .= $version['version'].".".$version['revision'].".".$version['revisionminor']."<br />";
}
}
$message .= _AMS_NW_AREYOUSUREOVERRIDE;
xoops_confirm($hiddens, 'submit.php', $message, _YES);
break;
case 'override_ok':
if (!$approveprivilege || !$xoopsUser) {
redirect_header('index.php', 3, _NOPERM);
}
$story = new AmsStory($_POST['storyid']);
$story->setChange($_POST['change']);
$story->setUid($xoopsUser->getVar('uid'));
$story->setHometext($_POST['hometext']);
$story->setBodytext($_POST['bodytext']);
$story->calculateVersion();
if ($story->overrideVersion()) {
$message = sprintf(_AMS_NW_VERSIONUPDATED, $story->version.".".$story->revision.".".$story->revisionminor);
}
else {
$message = $story->renderErrors();
}
redirect_header('article.php?storyid='.$story->storyid, 3, $message);
break;
case _AMS_NW_FINDVERSION:
if (!$approveprivilege || !$xoopsUser) {
redirect_header('index.php', 3, _NOPERM);
exit();
}
$story = new AmsStory($_POST['storyid']);
$story->setUid($xoopsUser->getVar('uid'));
$story->setHometext($_POST['hometext']);
$story->setBodytext($_POST['bodytext']);
$story->setChange($_POST['change']);
if ($story->calculateVersion(true)) {
if ($story->updateVersion()) {
$message = sprintf(_AMS_NW_VERSIONUPDATED, $story->version.".".$story->revision.".".$story->revisionminor);
//redirect_header('article.php?storyid='.$story->storyid(), 3, $message);
//exit();
}
else {
$message = $story->renderErrors();
}
}
else {
$message = $story->renderErrors();
}
redirect_header('article.php?storyid='.$story->storyid(), 3, $message);
break;
case 'form':
default:
$title = '';
$hometext = '';
$noname = 0;
$nohtml = 0;
$nosmiley = 0;
$notifypub = 1;
$topicid = 0;
if ($approveprivilege) {
$topicdisplay = 0;
$topicalign = 'R';
$ihome = 0;
$bodytext = ' ';
$approve = 1;
$autodate = '';
$expired = 0;
$published = 0;
$audience = 0;
}
$banner = "";
$edit = false;
include 'include/storyform.inc.php';
break;
}
include XOOPS_ROOT_PATH.'/footer.php';
?>
Thank you.